Posted by Soulskill on Tuesday December 04, 2012 @05:07PM
from the hard-drives-can-still-grow-legs dept.

Rambo Tribble writes "The Swiss spy agency, NDB, reports a disaffected employee walked out with drives containing terabytes of data shared by counter-terrorism agencies in Switzerland, the U.S. and Britain. It is not yet known if he was able to pass on any information before he was apprehended. 'A European security source said investigators now believe the suspect became disgruntled because he felt he was being ignored and his advice on operating the data systems was not being taken seriously.'"

Actually, banking secrecy in Switzerland has not held for a long time when crime is involved. When any Swiss bank suspects funds originate from criminal activities (e.g. drug or weapon trafficking, etc.), it has the legal obligation to report it to the Swiss financial market authority. From there, an investigation will be opened. More information here [finma.ch].

However, tax evasion is not considered a crime in Switzerland. This means that until recently, Swiss banks or the government would not disclose any information to foreign governments when only tax evasion was suspected. In the past few years though, international pressure on the Swiss government obliged it to ease the banking secrecy to the point where there is no secrecy anymore, except for permanent Swiss residents.

Evidence you can't see might as well not exist. Especially if the person you have to trust is the one asking for extraordinary powers.

It's quite telling that there hasn't been a successful terrorist attack in the US since 9/11. That means that the government is 100% effective at counter terrorism. When was the last time the government was 100% effective at anything? Does that not raise red flags?

Also, look at the alleged terrorists they have apprehended. Every one of them was given significant help by the government. I don't believe a single one of them would have been a credible threat without being egged on by the government. Yes, they might have had the motive, but when the government provides the means and the opportunity they're at least as guilty as the alleged terrorist.

And why does Switzerland care so much? Are they a target of terror? No drug lord, dictator, or terrorist would gain from attacking the nation-host of his own numbered (ergo anonymous) bank account. Not to mention that the Swiss make the world's best firearms.

Now, if Switzerland had a history of colonizing Africa or the Americas, if they routinely invaded (oil-rich) sovereign nations, if they backed warlords to overthrow democratically elected leaders, if they rounded up civilians and locked them up in c

His actions prove nothing except that a trusted senior individual with administrative rights and physical access to the system could, in fact, divulge sensitive information. That's not scandalous. In fact it is for all practical purposes unavoidable. OK, fault them for not inspecting everybody's bags on the way out of work every single day (ignoring the cost and alienation factor)... even then he could STILL have done it with a microSD under his tongue. At some point it comes down to trusting individuals.

Wrong. His actions prove only that a trusted senior individual with administrative rights and physical access to the system can fall into disgrace with his peers and have any intangible charge brought as his downfall.

"The source said that under the NDB's present structure, its human resources staff - responsible for, among other things, ensuring the reliability and trustworthiness of the agency's personnel - is lumped together organizationally with the agency's information technology division. This potentially made it difficult or confusing for the subdivision's personnel to investigate themselves"

You'd think they'd have taken this into consideration in the first place. Rookie mistake?

If he was able to get terabytes of data out with impunity and walk out with it in a backpack, then he was right that things weren't being done right. If they had been working with best practices he never would have been able to pull the data out.

Read the article, sounds like the only reason the data didn't go to the highest bidder is he hadn't sold it yet. They said he was disgruntled, perhaps he was willing to sacrifice his career to make a point about things not being done right?

1: "The suspect in the spy data theft worked for the NDB, or Federal Intelligence Service, which is part of Switzerland's Defense Ministry, for about eight years."
2: "He was described by a source close to the investigation as a "very talented" technician and senior enough to have "administrator rights," giving him unrestricted access to most or all of the NDB's networks, including those holding vast caches of secret data."

A: "for about eight years" --> "unrestricted access to most or all of [...] vast ca

This event dates from late September. As far as I know he was caught, before he could sell anything.

But, the Swiss Secret Service was lucky: The guy was caught because his bank became suspicious when he wanted to set up bank accounts to receive the future price for the loot.

The guy essentially walked out of the place with disk drives full of data. As he was the IT maintenance guy, he could pull this off without anybody getting suspicious. If your IT guy replaces 'broken' disk drives, everything is ok, oth

Switzerland had a walk-in who (gave/sold?) the Soviets the bunker locations and mobilization timetables. He was caught.
Switzerland is very small at the planning level of its structure. Very few make it up the chain of command with the correct trust and the huge number of days training needed vs having a day job.
They can profile the family structure and training of their top people over many years but "IT maintenance guy" are what treated as just "technician" staff? vs the quality of life that the officer

Most companies require a second signature on checks with a high enough dollar amount, so why not a similar system for servers?

Simply list secured directories/files and secured output devices (printers, usb, etc). If you try to move/copy/edit anything from a secured directory or to a secured device, your command gets put in a queue and waits for a second user to ok it.
Is there anything like this available already?
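
A minimal sketch of the second-signature queue proposed in the comment above, added here as an illustration and not part of the original thread. The secured paths, the user names and the `TwoPersonQueue` class are all hypothetical, and the path check is lexical only (it does not resolve symlinks).

```python
import posixpath
from dataclasses import dataclass
from typing import Optional

# Constructed policy for illustration; these paths are hypothetical.
SECURED_DIRS = ["/srv/secret"]
SECURED_DEVICES = ["/media/usb", "/dev/lp0"]

def under(path, roots):
    """True if path equals a root or lies below it, after collapsing '..' and '.'."""
    p = posixpath.normpath(path)  # lexical only; symlinks are not resolved
    return any(p == r or p.startswith(r + "/") for r in roots)

@dataclass
class Request:
    id: int
    user: str
    src: str
    dst: str
    status: str                      # "allowed", "pending" or "approved"
    approver: Optional[str] = None

class TwoPersonQueue:
    def __init__(self, approvers):
        self.approvers = set(approvers)
        self.requests = {}
        self.audit = []              # append-only record of every decision

    def submit(self, user, src, dst):
        """Copy/move request: runs at once unless it touches secured data or devices."""
        held = under(src, SECURED_DIRS) or under(dst, SECURED_DEVICES)
        req = Request(len(self.requests) + 1, user, src, dst,
                      "pending" if held else "allowed")
        self.requests[req.id] = req
        self.audit.append((req.id, user, req.status))
        return req

    def approve(self, req_id, approver):
        """Second signature: a different, authorized user releases a held request."""
        req = self.requests[req_id]
        if req.status != "pending":
            raise ValueError("request is not awaiting approval")
        if approver == req.user or approver not in self.approvers:
            self.audit.append((req_id, approver, "approval-refused"))
            raise PermissionError("approver must be a different, authorized user")
        req.status, req.approver = "approved", approver
        self.audit.append((req_id, approver, "approved"))
        return req
```

The refused self-approval is written to the audit trail as well, so an administrator trying to sign off on their own bulk copy leaves a record even when the copy never runs.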

My college set up something like that for password resets. Two computing center student employees could type in their own passwords and the username of another student to reset that student's password. If I remember right, it didn't work on faculty accounts and in a few other situations.

'A European security source said investigators now believe the suspect became disgruntled because he felt he was being ignored and his advice on operating the data systems was not being taken seriously.'

Okay poindexter, what exactly was the issue? Some non-technical middle manager didn't understand the overarching brilliance of your recommended filesystem? Afraid the key length is too short? Too much Linux? Not enough Linux? Welcome to the real world, where your temper tantrum effects no change for anyone else but you. Hope your issue wasn't genuinely important, you'll have a hard time making your case from prison. /facepalm.

You IT guys seem so sensitive! Makes this old Marine Corps Veteran want to puke! First, debrief the traitor. Who knows maybe his advice on operating the data systems may yield something. Then, throw his a$$ into solitary in a super max prison for 10 to 15 years and see if it cures his disgruntled-ness!!!

- The Swiss intelligence agency had pathetic security. This guy was an IT guy with far too much direct access to data. Second, there was no policy in place restricting (and checking) what employees could carry in and out of the building. So he duplicated the contents of numerous entire disks, and walked out the door carrying the copies.

- The guy was an idiot. He copied terabytes of data, figuring to get rich quick. But he had no idea how to sell the